Thousands of NHS computer "smartcards" used to give access to confidential patient records have gone missing.

GP magazine Pulse, which reported the loss, said its survey of NHS bodies suggested the figure could be as high as 6,000.

Connecting for Health, in charge of NHS computer systems, said 4,147 were unaccounted for - but insisted that they were useless without PIN numbers.

As many as 1.2 million cards will eventually be issued to NHS staff.

You can't expect stuff to remain confidential if a few hundred thousand people have access

Professor Ross AndersonCambridge University

The government is trying to create an NHS-wide computer system allowing medical records to be available across the country at the touch of a button.

This has prompted fears that personal data could be vulnerable, despite security measures.

Any member of staff wanting to access the new system would need a "smartcard", similar to the "Chip and Pin" cards, which would have to be plugged into a slot on the PC to allow access.

Well over 400,000 cards have already been handed to NHS staff, and Connecting for Health revealed that just under 1% have been reported missing, with 1,240 of these reported in the past year.

Pulse's figure of 6,000 was based on Freedom of Information requests to NHS bodies across England.

Connecting for Health said that multiple reports of the same card loss might account for the difference.

One trust in ten said that it had no idea how many cards had been lost or stolen.

Card-sharing

Pulse deputy editor Richard Hoey said: "The real message here isn't how many smartcards are being lost, but how many trusts are failing to keep proper records or gear themselves up to deal with security breaches."

However, Professor Ross Anderson, a computer security specialist from the University of Cambridge, said that it was unrealistic to believe that such a large network would remain entirely secure.

"You can't expect stuff to remain confidential if a few hundred thousand people have access.

"There will be several hundred at any time who've lost their smartcards and thousands who leave terminals logged on or share cards in other ways."

A spokesman for Connecting for Health said there were other safeguards designed to protect confidential information.

"As soon as a smartcard is reported lost it is disabled. It cannot be used by anyone finding it without a six-digit PIN number, which is issued directly to users."

The new computer system, the largest civil computing project in history, has been dogged by delays and fears over patient privacy, with some doctors calling for it to be abandoned.

However, Connecting for Health says it will deliver clear benefits for patients, including the ability for any doctor, anywhere in the NHS, to view medical records before deciding on treatment.

A spokesman said: "There is no evidence that any security breaches have ever arisen from lost of stolen cards."